CVE-2023-40042

CVSS V2 None CVSS V3 None
Description
TOTOLINK T10_v2 5.9c.5061_B20200511 has a stack-based buffer overflow in setStaticDhcpConfig in /lib/cste_modules/lan.so. Attackers can send crafted data in an MQTT packet, via the comment parameter, to control the return address and execute code.
Overview
  • CVE ID
  • CVE-2023-40042
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-08-08T19:15:10
  • Last Modified Date
  • 2023-08-11T23:37:49
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:totolink:t10_v2_firmware:5.9c.5061_b20200511:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:totolink:t10_v2:-:*:*:*:*:*:*:* 0 OR
History
Created Old Value New Value Data Type Notes
2023-09-06 03:19:41 Added to TrackCVE
2023-09-06 03:19:44 Weakness Enumeration new